package cn.kgc.shiro.web.controller;

import cn.hutool.core.util.RandomUtil;
import cn.kgc.shiro.web.entity.User;
import cn.kgc.shiro.web.service.UserService;
import jakarta.annotation.Resource;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * @author 课工场
 * @date 2024/8/22
 * @description
 */
@RestController
@RequestMapping("user")
public class UserController {

    @Resource
    private UserService userService;


    // 用户认证接口
    @GetMapping("login")
    public Map<String, Object> login(User user) {

        //  通过shiro提供的subject 实现用户的认证操作
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(user.getUsername(), user.getPassword());
        Subject subject = SecurityUtils.getSubject();

        HashMap<String, Object> map = new HashMap<>();

        try {
            subject.login(usernamePasswordToken);
            map.put("code",200);
            map.put("message","认证通过");
        }catch (IncorrectCredentialsException e){
            map.put("code",500);
            map.put("message","密码错误");
        }catch (UnknownAccountException e){
            map.put("code",500);
            map.put("message","用户名错误");
        }

        return  map;
    }



    @PostMapping ("register")
    public Map<String,Object> register(User user){

        String salt = RandomUtil.randomString(8);
        user.setSalt(salt);
        String md5Pwd = new SimpleHash("MD5", user.getPassword(),salt,10).toHex();
        user.setPassword(md5Pwd);
        userService.save(user);

        HashMap<String, Object> map = new HashMap<>();
        map.put("code",200);
        map.put("message","注册成功");

        return map;
    }



    @GetMapping("list")
    @RequiresRoles(value = {"super","admin","user"},logical = Logical.OR)
    public List<User> userList() {
        return userService.list();
    }


    @PostMapping("add")
    @RequiresRoles(value = {"super","admin"},logical = Logical.OR)
    public Map<String,Object> addUser(User user) {
        userService.save(user);
        HashMap<String, Object> result = new HashMap<>();
        result.put("code", 200);
        result.put("message", "操作成功");
        return  result;
    }

    @PostMapping("update")
    @RequiresRoles(value = {"super","admin"},logical = Logical.OR)
    public Map<String,Object> updateUser(User user) {
        userService.updateById(user);
        HashMap<String, Object> result = new HashMap<>();

        result.put("code", 200);
        result.put("message", "操作成功");
        return  result;
    }

    @PostMapping("delete")
    @RequiresRoles("super")
    public Map<String,Object> deleteUser(Integer id) {
        userService.removeById(id);

        HashMap<String, Object> result = new HashMap<>();
        result.put("code", 200);
        result.put("message", "操作成功");
        return  result;
    }

    @GetMapping("unAuth")
    public Map<String, Object> unAuth() {

        HashMap<String, Object> result = new HashMap<>();
        result.put("code", 401);
        result.put("message", "请认证后访问...");
        return result;
    }

}
